Presentation is loading. Please wait.

Presentation is loading. Please wait.

OSG RA, DOEGrids CA features Doug Olson, LBNL August 2006.

Published byKory Foster Modified over 9 years ago

Similar presentations

Presentation on theme: "OSG RA, DOEGrids CA features Doug Olson, LBNL August 2006."— Presentation transcript:

1 OSG RA, DOEGrids CA features Doug Olson, LBNL August 2006

2 2 Contents RA, agent, sponsor layout & OU=People use case Sample web form Agent Role GridAdmin Role Questions Schedule

3 3 1.Subscriber requests Certificate 2.RM posts signing request notice 3.The RA for the Subscriber retrieves request 4.The RA agent reviews request with Grid project 5.The agent updates/approves/rejects request 6.Approved Certificate Request is sent to CM Grid Classic PKI People Certificate Workflow Subscriber 1 2 Registration Authority (RA) Agent 3 4 7 8 9 7.CM issues certificate 8.RM sends Email notice to Subscriber 9.Subscriber picks up new certificate 2 Sponsor Project DBMS 4 5 6 Certificate Manager (CM) (Certificate Signing Engine) Registration Manager (RM) PKI1.DOEGrids.Org CA

4 4 2. notify OSG RA Layout CDF CMS DES DOSAR DZero Fermilab fMRI GADU geant4 GLOW GRASE GridChem GridEx GROW i2u2 iVDGL LIGO mariachi MIS nanoHUB SDSS STAR USATLAS DOEGrids CA 1 Registration Manager Registered VOs Registered Support Centers CSC DOSAR DZero Fermilab fGOC GADU GRASE GROW-GOC LIGO mariach-support OSG-GOC PROD_SLAC SDSS STAR TACC UC CI USATLAS USCMS VDT Agents within each support center know which VOs and sites they support Subscriber Sponsor Certificate 10. download 4.c verify4.d reply 4.e. confirm or deny 5. approve or reject request 1. submit Subscriber chooses one of the existing OSG registered VOs Draft 19 Apr 2006 Typical use case for personal certificate. 3. retrieve request 4.b authenticate 7. 6. 2,8. notify VO sponsor DB 4.a check authorized sponsors RA Log 9. Record RA actions LDAP Cert. directory Publish certificates

5 5 Things on the horizon ESnet has a new version of the CA software in and house under investigation –RedHat Certificate System http://www.redhat.com/solutions/rhcs/ evolution of same code base of iPlanet/SUN CMS OSG RA setting up Roundup Issue Tracking to track request processing with more flexibility than the CA Agent interface. –Will form basis of RA performance metrics. Implementing https based sponsor confirmation as alternative to digitally signed email DOEGrids/ESnet looking at setting up CA tied to other user account database via Radius, such as LDAP, …

6 6 Interfaces we can affect Cert Request form (somewhat) Cert management scripts Email request notices to agents (somewhat) Consider separate OSG Registration Manager to isolate OSG from other RA requests Ldap directory of published certificates

Download ppt "OSG RA, DOEGrids CA features Doug Olson, LBNL August 2006."

Similar presentations

Support: Certificates and Helpdesks Andrew Richards (GSC/NGS) – CCLRC, RAL.

Support: Certificates and Helpdesks Andrew Richards (GSC/NGS) – CCLRC, RAL.
Financial Aid Management System Account Registration and Confirmation.

Financial Aid Management System Account Registration and Confirmation.
ProcessIt Document Library 8.0 Controlled Documents Suite.

ProcessIt Document Library 8.0 Controlled Documents Suite.
GUMS status Gabriele Carcassi PPDG Common Project 12/9/2004.

GUMS status Gabriele Carcassi PPDG Common Project 12/9/2004.
OSG PKI RA Training Mine Altunay, Jim Basney OSG PKI Team October 1, 2012.

OSG PKI RA Training Mine Altunay, Jim Basney OSG PKI Team October 1, 2012.
INFORMATION SYSTEMS SERVICES UNIVERSITY OF LEEDS Presentation to the UK e-Science Grid Workshop ‘Managing Access to Resources on the Grid’ e-Science Institute,

INFORMATION SYSTEMS SERVICES UNIVERSITY OF LEEDS Presentation to the UK e-Science Grid Workshop ‘Managing Access to Resources on the Grid’ e-Science Institute,
Open Science Grid Use of PKI: Wishing it was easy A brief and incomplete introduction. Doug Olson, LBNL PKI Workshop, NIST 5 April 2006 www.opensciencegrid.org.

Open Science Grid Use of PKI: Wishing it was easy A brief and incomplete introduction. Doug Olson, LBNL PKI Workshop, NIST 5 April
OSG Area Coordinators Meeting Security Team Report Mine Altunay 05/15/2013.

OSG Area Coordinators Meeting Security Team Report Mine Altunay 05/15/2013.
Open Science Grid Use of PKI: Wishing it was easy A brief and incomplete introduction. Doug Olson, LBNL PKI Workshop, NIST 5 April 2006.

Open Science Grid Use of PKI: Wishing it was easy A brief and incomplete introduction. Doug Olson, LBNL PKI Workshop, NIST 5 April 2006.
Summer School Certificates Diego Romano & Gilda Team.

Summer School Certificates Diego Romano & Gilda Team.
Joining the Grid Andrew McNab. 28 March 2006Andrew McNab – Joining the Grid Outline ● LCG – the grid you're joining ● Related projects ● Getting a certificate.

Joining the Grid Andrew McNab. 28 March 2006Andrew McNab – Joining the Grid Outline ● LCG – the grid you're joining ● Related projects ● Getting a certificate.
Getting grid-enabled Steps involved: personal grid certificate  Request a certificate from:

Getting grid-enabled Steps involved: personal grid certificate  Request a certificate from:
OSG PKI Grid Admin (GA) Training Mine Altunay, Jim Basney OSG PKI Team October 8, 2012.

OSG PKI Grid Admin (GA) Training Mine Altunay, Jim Basney OSG PKI Team October 8, 2012.
CILogon OSG CA Mine Altunay Jim Basney TAGPMA Meeting Pittsburgh May 27, 2015.

CILogon OSG CA Mine Altunay Jim Basney TAGPMA Meeting Pittsburgh May 27, 2015.
OSG Area Coordinators Meeting Security Team Report Kevin Hill 08/14/2013.

OSG Area Coordinators Meeting Security Team Report Kevin Hill 08/14/2013.
VOX Project Status T. Levshina. Talk Overview VOX Status –Registration –Globus callouts/Plug-ins –LRAS –SAZ Collaboration with VOMS EDG team Preparation.

VOX Project Status T. Levshina. Talk Overview VOX Status –Registration –Globus callouts/Plug-ins –LRAS –SAZ Collaboration with VOMS EDG team Preparation.
OSG RA plans Doug Olson, LBNL May 2006. 2 Contents RA, agent, sponsor layout & OU=People use case Sample web form Agent Role GridAdmin Role Questions.

OSG RA plans Doug Olson, LBNL May Contents RA, agent, sponsor layout & OU=People use case Sample web form Agent Role GridAdmin Role Questions.
May 8, 20071/15 VO Services Project – Status Report Gabriele Garzoglio VO Services Project – Status Report Overview and Plans May 8, 2007 Computing Division,

May 8, 20071/15 VO Services Project – Status Report Gabriele Garzoglio VO Services Project – Status Report Overview and Plans May 8, 2007 Computing Division,
OSG Security Kevin Hill. Goals Operational Security – Identify software vulnerabilities – observing the practices of our VOs and sites, and sending alerts.

OSG Security Kevin Hill. Goals Operational Security – Identify software vulnerabilities – observing the practices of our VOs and sites, and sending alerts.
Computing Division Helpdesk Activity Report Rick Thies May 23, 2006.

Computing Division Helpdesk Activity Report Rick Thies May 23, 2006.

Similar presentations

Ads by Google